Field of the Invention
The present invention relates to a digital rights management method, and more particularly, to a method for safely issuing a rights object to a memory card in digital rights management (DRM).
Discussion of the Related Art
Digital Rights Management (DRM), as a system technology for safely protecting and systematically managing rights to digital contents, provides a series of protection and management system for the process of protecting an illegal copy of contents, acquiring a rights object (RO) of DRM contents, and producing, distributing and using DRM contents.
FIG. 1 is a view illustrating a general configuration of a DRM system.
A typical DRM system manages digital contents transferred from a contents provider to a user to be used only as much as the rights object allowed to the user. At this time, the contents provider is an entity corresponding to a content issuer (CI) 30 and/or a rights issuer (RI) 40.
The content issuer (CI) 30 issues contents (hereinafter, referred to as “DRM contents” or “digital contents”) protected by using a specific encryption key to protect contents from a user having no access authority, and the rights issuer (RI) 40 issues a rights object required for using the DRM contents.
The terminal 10 includes a DRM agent, and the DRM agent receives DRM contents from the content issuer (CI) 30, and receives a rights object for the contents from the rights issuer (RI) 40, and interprets permission and/or constraints included in the rights object (RO), thereby managing the use of the DRM contents in the relevant terminal.
Typically, a right object is encrypted by a public key of a specific terminal, and thus other terminals except a terminal having a private key that makes a pair with the public key are unable to decrypt or use DRM contents related to the rights object.
FIG. 2 illustrates an example in which a DRM technology in the related art is applied to broadcast services.
Referring to FIG. 2, it is illustrated an example in which a DRM technology in the related art is applied to broadcast services, namely, BCAST services.
A broadcast server 50 transmits a traffic encryption key (TEK) encrypted with a service encryption key (SEK) or program encryption key (PEK) to the rights issuer (RI) 40, and transfers broadcast contents encrypted with the TEK to a first terminal 11.
The rights issuer (RI) 40 provides rights including the SEK or PEK, and the encrypted TEK to the first terminal 11.
The terminal 11 stores rights received from the rights issuer (RI) 40 in a detachable memory 15. Furthermore, the terminal 11 copies the rights in the memory 15 into the terminal 11, and then decrypts the TEK included in the rights. Furthermore, the terminal 11 consumes contents transferred from the broadcast server 50 using the decrypted TEK.
In the related art as described above, a second terminal 12 is also able to receive the broadcast contents; however, if the second terminal 12 does not have rights including the TEK, then the second terminal 12 is not allowed to consume the broadcast contents, thereby protecting the contents.
However, in the related art as illustrated above, the rights in the memory 15 are copied into the terminal 11, and then contents are consumed by using the rights. Accordingly, if the rights that have been existed in the memory are copied into the terminal 11 and then the memory 15 is mounted in the second terminal 12, then a problem may be caused in that the broadcast contents can be used through the second terminal 12.
Such a problem may be more aggravated if they are broadcast contents having a long play time such as film or drama. In other words, the memory 15 may be shared by a plurality of terminals without a sense of responsibility, thereby causing a problem that the broadcast contents can be consumed without permission.